rpm package
opensuse/chromium&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.6
Vulnerabilities (196)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-0612 | — | < 132.0.6834.110-bp156.2.72.1 | 132.0.6834.110-bp156.2.72.1 | Jan 22, 2025 | Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0611 | — | < 132.0.6834.110-bp156.2.72.1 | 132.0.6834.110-bp156.2.72.1 | Jan 22, 2025 | Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0448 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||
| CVE-2025-0447 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) | ||
| CVE-2025-0446 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) | ||
| CVE-2025-0443 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2025-0442 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2025-0441 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2025-0440 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2025-0439 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2025-0438 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0437 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0436 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0435 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-0434 | — | < 132.0.6834.83-bp156.2.69.1 | 132.0.6834.83-bp156.2.69.1 | Jan 15, 2025 | Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-12695 | — | < 131.0.6778.204-bp156.2.65.1 | 131.0.6778.204-bp156.2.65.1 | Dec 18, 2024 | Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-12694 | — | < 131.0.6778.204-bp156.2.65.1 | 131.0.6778.204-bp156.2.65.1 | Dec 18, 2024 | Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-12693 | — | < 131.0.6778.204-bp156.2.65.1 | 131.0.6778.204-bp156.2.65.1 | Dec 18, 2024 | Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-12692 | — | < 131.0.6778.204-bp156.2.65.1 | 131.0.6778.204-bp156.2.65.1 | Dec 18, 2024 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-12053 | — | < 131.0.6778.108-bp156.2.59.1 | 131.0.6778.108-bp156.2.59.1 | Dec 3, 2024 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) |
- CVE-2025-0612Jan 22, 2025affected < 132.0.6834.110-bp156.2.72.1fixed 132.0.6834.110-bp156.2.72.1
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0611Jan 22, 2025affected < 132.0.6834.110-bp156.2.72.1fixed 132.0.6834.110-bp156.2.72.1
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0448Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
- CVE-2025-0447Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
- CVE-2025-0446Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
- CVE-2025-0443Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-0442Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-0441Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-0440Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-0439Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-0438Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0437Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0436Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0435Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-0434Jan 15, 2025affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-12695Dec 18, 2024affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1
Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-12694Dec 18, 2024affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-12693Dec 18, 2024affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-12692Dec 18, 2024affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2024-12053Dec 3, 2024affected < 131.0.6778.108-bp156.2.59.1fixed 131.0.6778.108-bp156.2.59.1
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Page 3 of 10